North Korea Training "Cyberwarriors" Abroad 128
jfruhlinger writes "A North Korean defector claims that the secretive totalitarian state is nurturing a team of "cyberwarriors," identifying young people with computer skills and sending them abroad to learn the latest hacking techniques, while lavishing privileges on their families at home to keep them loyal. This could lead to an escalation in tensions, especially given that the US military believes that cyberattacks from foreign countries constitute acts of war."
"acts of war" (Score:5, Insightful)
Well, if its state sponsored, i have to agree. An attack on a countries infrastructure is still war.
Re: (Score:2)
Could Cyber wars launch nukes?
(Waits to see this on news stations everywhere)
Why? we had no Y2K issue in the 90's. (Score:2)
Re: (Score:2, Funny)
I thought it was a 19100 issue.
Re:"acts of war" (Score:4, Insightful)
Yes, and remember citizens, if They do it, it is an act of war but if We do it, then it is cybersecurity and intelligence gathering.
Seriously, at this point, any country not training or hiring CyberWarriors(TM) is behind the times. Except of course American media likes to be jingoistic and xenophobic, what else is new?
Re: (Score:2)
Re: (Score:2)
Well, if its state sponsored, i have to agree. An attack on a countries infrastructure is still war.
So, USA is in war with Pakistan for quite some time now?
Re: (Score:1)
If you're talking about Stuxnet, Israel is the prime suspect.
Re: (Score:2)
And if we're talking about Stuxnet, the target was Iran.
Re: (Score:1)
Re: (Score:2)
Damn, I'm tired of holding my bladder... my popcorn could use a re-fill too. When this act of War is over, can we please have an intermission?
Or... Wouldn't you prefer a nice game of chess?
Re: (Score:3)
The issue is it lowers the barrier to starting a war, which may mean more wars.
If a kid in say, Iran hacks into some US infrastructure off his own back and causes damage then with the US' venemous hate of the country, is it sensible that they then fire back with conventional weapons such as a cruise missile? Isn't that a dangerous precedent for escalation?
Do you draw the line at whether it's state sponsored? what about when you get politicians crying state sponsorship and pushing for war when it's not?
Hones
Re: (Score:2)
I highly doubt a man pedaling a stationary bike powering an Atari is an act of war.
Re: (Score:1)
Based on the criteria, we'd be "at war" with nearly every modern Internet-connected government in the world.
Re:"acts of war" (Score:4, Insightful)
Maybe. But they are running out of white elephants. They need a new enemy, and they need a new one NOW! How else are they going to justify the 2014 budget?
Crackers / Hackers / Hacktivists (bleh!) are one of those groups that people don't really understand (like Muslims, Chinese, etc.) that makes it easy to say "THEY CAN DO BAD THINGS, JUST LOOK AT THEM!" and no one really knows them well-enough to say otherwise. A little priming ("they might be working with drug dealers and arms smugglers...child pornography and human trafficking"), and the media will take to it the way cancer takes to a prostate gland. That civil rights are being strip-mined and purses looted to fuel these witch hunts does not matter; all that matters is that the Good Guys win in the end. And that the guys with guns and small brains get paid. We really haven't progressed from a feudal society, have we?
You can't make a typical Marine into a cyber security expert; the skill-sets for either are almost mutually exclusive. This, of course, does not prevent people from buying security certs and taking pointless low-level courses in basic networking, then declaring themselves security experts. Nor will it prevent the congress critters from lavishing their favorite security firms with outlandish contracts which provide no real security.
I'm not saying that you can't train a Marine into a cyber security expert; what I'm saying is that for every 1 Marine you manage to successfully train, you will have 40,000 hackers / crackers, with higher levels of expertise in the relevant fields, ready to bitch-slap him and his friends off the internet. I think the US government has more to fear from its own people here than foreign governments; and screwing around where it doesn't belong is only going to cause them to lose control that much faster.
Remember, you have lots of underemployed CS / IT people here in the US, because their jobs got sent overseas. Factor in a screwed up currency and a never-ending recession. You end up with down-trodden, under-payed, over-worked, and typically highly-trained in all that technology class of people. Now tell them that the US government is going to help make things more secure, by mandating that a bunch of ill-trained marines have backdoor access to every important system in the US. That they need to keep port 23423 open at all times, or they will be fined. That they need to configure their systems to use some officially sanctioned software for virus protection, because someone in DC managed to pass a law mandating it.
They will get a war, but it won't be the one they are preparing for.
Re: (Score:2)
Ignoring relatively electronically secure infrastructure like nuclear reactors that actually aren't connected to the Internet (and shouldn't be), if an electronic enemy could knock out all VPN connections in the USA then the
Re: (Score:1)
Don't worry (Score:2)
Re:Don't worry (Score:5, Insightful)
The US has already got their cyber warriors in training for this. They are using the highly sophisticate program/simulation game called "Homefront"
Unfortunately for the USA, 'cyber war' is another form of asymmetrical warfare where the USA's massive budget can't help them.
Hacker teams require relatively little in the way of resources, while allowing weak militaries to punch far above their weight.
Worse, a country like North Korea has minimal internet exposure compared to the USA's massive reliance on the internet.
Re: (Score:2)
Re: (Score:2)
Then the sooner we are attacked the sooner we build an immune response. Viruses and malware begat resistance by coercing countermeasures.
What we need, and it's not "nice", is an attack that does real damage and takes down enough systems to force attention.
Re: (Score:1)
Better tools/weapons, better hardware/faster tools (Score:2)
If you have better hardware to run your botnet on, you can crack passwords faster, crash servers faster via DDOS, or do many things better.
Beyond this for coordination, communication and intelligence high technology is essential. Satellites aren't cheap. Truly secure encrypted communication mechanisms aren't cheap. None of this stuff will be cheap.
North Koreans do not have the advantage in computing power. They might have the advantage in man power, training, skill, but not in computing power. This means ev
Re: (Score:2)
The US has already got their cyber warriors in training for this.
Whenever I see the word "cyberwarrior" I tend to think "battleship". In the prelude to WWI European powers spent what would equate to tens of billions of today's pounds building battleships that were veritable floating fortresses meant to control the seas giving a decisive advantage. Battleships that spent most of WWI in dock.
For all the talk, battleships did nothing. It wasn't until generals started thinking "how do I get around this problem" as opposed to "how many men do I have to throw at the enemy
Re: (Score:2)
Cutting cables? You obviously don't know what the hell you are talking about if you don't consider the entire electromagnetic spectrum.
If cables are cut, radiowaves, light waves, microwaves or any other mechanism can be used.
Re: (Score:2)
If you think we connect vital systems by wireless you clearly don't know what the hell you're talking about.
As soon as any threat presents itself, you simply cut off vital systems from the network. Air gap wins.
You need to get over your raging hard on for the word "cyber warrior" and come back to reality. If transmissions cannot be secured, we'll do it the old fashio
Re: (Score:2)
If you think we connect vital systems by wireless you clearly don't know what the hell you're talking about.
As soon as any threat presents itself, you simply cut off vital systems from the network. Air gap wins.
You need to get over your raging hard on for the word "cyber warrior" and come back to reality. If transmissions cannot be secured, we'll do it the old fashioned way, never underestimate the bandwidth of cpl noname with a case of USB drives handcuffed to his wrist.
Preparing for the "Cyber war" is utterly useless in an age where we cant afford the existing military pork barrel projects. Everything a "Cyber Command" does is already covered under existing cryptography units.
The room would have to be sound proof, light proof, emissions proof, as would all the computers in that room. The air gap would be completely useless if the room leaks emissions. Also the electricity use would have to be masked in such a way so that it cannot be analyzed.
I'm not saying I know all the precautions that the government is taking, I'm saying just disconnecting a computer from the network by cutting the cable is not enough. Any emissions leak at all will leak information which could be analyzed b
Further more (Score:2)
Each of these technologies requires a base station, a point of ingress into an internal network. You cant simply just beam a microwave signal into nowhere. If a country wanted to cut itself off from the internet, it would be quite easy as you can simply shut down the transmitters and outgoing routers.
Where did you learn about wide area networking?
Or wireless, I'm yet to see a wireless technology that did not re
Re: (Score:2)
Each of these technologies requires a base station, a point of ingress into an internal network. You cant simply just beam a microwave signal into nowhere. If a country wanted to cut itself off from the internet, it would be quite easy as you can simply shut down the transmitters and outgoing routers.
Where did you learn about wide area networking?
Or wireless, I'm yet to see a wireless technology that did not require a receiver. That would a physical bit of hardware that can be shut down, well, physically.
Countries like Thailand and China already control all the points of interconnect for data, it wouldn't be hard for the US or UK to completely isolate themselves if the need arises (they simply have more points of interconnect to send troops to). But what is more likely is that vital infrastructure is simply removed from the public grid. An air gap can easily be gated by a human. When Mil.net 1 wants to send something to Mil.net 2, the data can be loaded onto USB key, a Pvt simply moves this from the private USB slot to the public USB slot where it can be transmitted (or just carries the key over manually).
Seriously, what do they teach people about network security these days.
Learn about Tempest. Just because you aren't connected to the internet it doesn't mean your computers on the network are properly shielded and wont produce emissions which can easily be intercepted. Intercepted emissions in the form of light, sound, radiation, the flow of electricity, all of this can be intercepted to give an adversary an accurate picture of whats going on inside the computer.
Not entirely true (Score:2)
A cyber team would need botnets. Good computers. Expensive software.
Little in the way of resources? You can't even crack passwords without a decently powered computer or series of computers to do it.
Yes you might be able to do it with a PS3 and sure it's cheaper to pay for cyber warriors than for airforce pilots or something like that, but it's cheaper on paper than it will be in practice.
Finally it depends on the kind of attack. Not every attack requires a lot of money or resources. The expense would come
they should put in POW camps and the universities (Score:1, Flamebait)
Re: (Score:2)
They are doing a war act and the universities if they are us should be ad risk of losing alot
So universities shouldn't accept students from Korea? Or China?
Re: (Score:3)
Exactly, 3 weeks out of North Korea and they'll never go back.
Re: (Score:2)
RTFS.
"sending them abroad to learn the latest hacking techniques, while lavishing privileges on their families at home to keep them loyal", where the privileges probably mean the precious privilege of being alive.
Re: (Score:2)
Or more accurately, the precious privilege of keeping one's family alive.
Re: (Score:2)
Simply not the case for two main reasons. One, North Korea is not Eastern Europe with a disgruntled population resenting an oppressive government, but essentially a nation of true believers. Their Stalinist propaganda state has reached levels that Stalin only dreamed of. The government not only controls all the methods of communication, but actually has the population believing what they say. It's like an entire national cult, and anybody who mig
What could possibly go wrong? (Score:5, Funny)
So, the totalitarian state with a complete control of the news sends its best and most idealistic young men outside the country, to learn about the internet, with the idea that they will go back home and use their knowledge to destroy the foreign enemies.
A fiendish plan. How could it possibly go wrong?
Re: (Score:2)
A fiendish plan. How could it possibly go wrong?
All those new Farmville and Mafia Wars players? I think the Internet is unprepared for an attack of that magnitude.
Re: (Score:2)
I think the Internet can't handle firepower of that magnitude.
FTFY.
Re: (Score:2)
Re: (Score:1)
Nothing, because they know if they defect or otherwise do wrong by the state then their families will be put in forced labor camps, 3 generations worth.
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
I know your comment is supposed to be funny, but on the serious side I doubt these youngsters would turn on the NK regime. They're so thoroughly brainwashed they're far more likely to remain loyal to the bitter end.
Re: (Score:1)
And more importantly, while they are sent abroad, their families are not.
Re: (Score:2)
Can't; not with their family held hostage.
Re: (Score:2)
Oh right, this is Slashdot.
Who was the audience (Score:2, Insightful)
Who would of thought such a thing would happen? . .
Re: (Score:3)
Defector says something host country wants to hear
Who would of thought such a thing would happen?.
You apparently. Only accurate information is useful. And, of course, I'm sure it would never occur to you that the information would be cross-checked? That's what I figured.....
Re: (Score:2)
Which story would sell more papers "North Koreans get scholarship to study computing abroad" or "North Korean CyberWarriors being train abroad"
Only information that agrees with a predetermined position is useful (in politics anyway)
Case in point, the information from defectors that formed the Iraqi National Congress.
All the information was in complete disagreement with the UN weapons Inspections - Guess which group was denigrated?
yep the one that disagreed with t
Re: (Score:3)
Accurate information is everything. Unfortunately, the British and US intelligence agencies pushed for war based on such wonderful intelligence like some poor chaps university essay, hearsay and outright lies.
I wonder if the costly embarrassment that was the Iraq invasion could have been avoided if actual cross-checking had taken place...
Re: (Score:2)
Actually, the U.S. Intelligence agencies pushed AGAINST war on the grounds they didn't trust the intelligence. It was the Bush administration that twisted it to promote the war. Geeze, at least get your history straight.
Re: (Score:2)
I'd love to see any actual evidence supporting your "version" of events, because thats not what I've seen - the US intelligence agencies were falling over themselves trying to supply supporting evidence to the Bush administration.
Learn it from whom? (Score:3)
Re: (Score:2)
Who do they think these guys are going to learn from? Most of the "hacker underground" just wants some lulz or quick and easy cash these days.
Given North Korea's perpetual shortage of hard currency, this last part may very well be exactly what they're looking for.
They will probably recruit (Score:2)
They'll probably recruit from the underground. Since the underground needs cash, North Korea would probably just offer cash for code.
Then they'll read the code, learn to write their own code, and thats how they'll learn.
The Stuxnet authors? You think they are the only skilled programmers? They are the skilled programmers recognized by the government, probably with clearance, but not the only skilled programmers. The North Korens can target game developers and find programmers with an equal level of skill if
Meanwhile... (Score:2)
Re: (Score:3)
Re: (Score:3)
If those are obstacles for you then you are not qualified.
Until recently, being gay made you not qualified. Do you think every barrier to entry is justified, or is it just possible that our military is being inflexible and depriving themselves of talent because of it?
A person's age, sex, sexual orientation, poor eyesight, or even disability isn't a hinderance in this line of work: all that is required is a brain and a way of getting information in and out of it. Every asset the military deprives themselves of because of their ass-backwards recruitment policy is an
Re: (Score:2)
Of course. The entrance exam is breaking into the relevant server, and adding your name to the list of applicants.
Re: (Score:2)
What if you aren't interested in applying, but just want to borrow their servers for the weekend? You know, for a Botnet or something really insane like.BitCoin generators on every server + client I can find on that subnet? If Congress can sell our national forests to foreigners, I call dibs on the NSA super-cluster.
More stick than carrot (Score:3)
If you think the psychopathic dictators in North Korea use carrots to keep expats loyal, you're crazy. Their families are held hostage - to the extreme. These expats know full well that, should they fail to return, their families will be moved to one of many NK concentration camps [bbc.co.uk] (best scenario) or just summarily executed (more likely).
Re: (Score:3)
And remember kids, the places outside the prison camps are the "garden spots" of North Korea [globalsecurity.org], with a much better night life, and day life, or any life at all, for that matter.
"Lavishing privileges on their families at home" (Score:2)
Re: (Score:2)
Bribery. (Score:2)
I doubt these North Koreans have a better choice. They either serve North Korea and their families get privileges or they don't an their families get tortured or killed.
Since nobody knows exactly what goes on in North Korea, the privilege could be allowing them to stay alive.
Sensational? (Score:2)
Re: (Score:2)
If the Internet is going to be a theater of future conflicts, then isn't it sensible for *all* countries to have some aptitude in the area? Has the US sworn off having any "cyberwarriors" of its own? Or is there really going to be one set of rules for the US and another set of rules for the rest of the world?
All countries have them, at least any first and second world, and those in the third world with the resources. Clearly if you're going to attack a country you want to lead with a disruption of their infrastructure and media. It doesn't matter if you hit a refinery with a cruise missile or shut down its computers - the result is the same, and it'll serve the same purpose.
Re: (Score:1)
The Second World were Communist Bloc countries, there is only one of those left, Cuba.
Vietnam, Eastern Europe, the People's Republic of China, Mongolia, even Albania have moved on economically and politically.
It's North Korea (Score:1)
sardaukar? (Score:1)
Sounds like kim jun ill might have done a bit of frank herbert reading. Isn't that how the emperor kept the sardaukar loyal? by telling them that it was a test all along and that they were the best of the best, then lavish perks on them.
"Act of War" (Score:5, Insightful)
except when such cyber warfare is directed at Iran by a join Israel/U.S. operation. Then it's just ... uh. Definitely not war.
Re: (Score:1)
The US and Iran have been engaged in open and proxy warfare since the US Embassy Hostage Crisis in 1979. Then the Persian Gulf and Operation Preying Mantis while Iran backed Hezbollah and had the Revolutionary Guards fighting the US and France in Lebanon.
Iran and Israel have had openly hostile relations since 1979.
US bombing Iranian naval units, Iran blowing up embassies in Lebanon, Iran arming Hezbollah to attack Israel or Israel committing industrial sabotage against Iran, it all stems from the Islamic Re
Re: (Score:2)
Re: (Score:2)
"Act of War" except when such cyber warfare is directed at Iran by a join Israel/U.S. operation. Then it's just ... uh. Definitely not war
So, your thinking is what? That poor, peaceful Iran is being picked on? That the mean old US and Israel started a war on blameless Iran? Apart from the fact that you are speculating about the source of Stuxnet, the outrage is purely imaginary. If anything, Iran is lucky things aren't worse for it given its reckless, murderous behavior.
Israel Seizes Cargo Ship Carrying Tons of Iranian Weapons Bound For Hamas in Gaza [liveleak.com]
Hezbollah's stockpile bigger, deadlier [latimes.com]
War (Score:1)
Re: (Score:3)
What is a Cyberwarrior? (Score:1)
Re: (Score:2)
Cyberwarrior is the most ridiculous piece of psy-op, misinformation the public is bombarded with. A Cyberwarrior is no more a "Warrior" than my tea-cup poodle is a "Guard" dog.
My late grandmother actually had a tiny little poodle that successfully drove off a home invader. Not sure if it was quite teacup-sized, but it definitely earned the title guard dog.
We do need skilled computer scientist, information security specialist, cryptologist, and cryptanalyst to fight against those who would stage attacks against freedom loving internet enthusiasts. But "Warriors" they are not. If you don't agree with me, then you don't agree with the dictionary either....I have no love for North Korea but they are only trying to protect themselves from the (US Government and Israel) which the evidence points to them as the aggressors in the Iranian Nuclear Power Plant computer virus...
At least in the Army, the term "warrior" now tends to mean someone who is anything but. After all, everyone who actually does fight has a term for them, I was in the Cavalry, and we're all scouts or cavalry troopers or, sometimes, avatars of awesomeness, the infantry are grunts, infants, special folk, the artillery are arty, gun
Re: (Score:2)
Disagree.
A cyber warrior is as much of a warrior as a pilot or a sniper. Sure a pilot or a sniper doesn't necessarily take as much or the same kind of risk as the guy kicking in doors, but a sniper can be counter sniped. A pilot can be shot to pieces.
A hacker can be hacked, and disappeared by counter intelligence.
Re: (Score:2)
Disagree.
A cyber warrior is as much of a warrior as a pilot or a sniper. Sure a pilot or a sniper doesn't necessarily take as much or the same kind of risk as the guy kicking in doors, but a sniper can be counter sniped. A pilot can be shot to pieces.
I didn't actually address the question of whether they were warriors or not. My point was more that the term, which was already fairly archaic, has become a meaningless buzzword.
When there's an engagement, you generally have the combat units and everyone else. The combat units rehearse battle drills and plans and such, and everyone else's job is to get out of the way. No doubt, the support personnel shoot back when they have to, they take big risks, and their service is perfectly honorable. But their role i
Re: (Score:2)
I didn't actually address the question of whether they were warriors or not. My point was more that the term, which was already fairly archaic, has become a meaningless buzzword.
When there's an engagement, you generally have the combat units and everyone else. The combat units rehearse battle drills and plans and such, and everyone else's job is to get out of the way. No doubt, the support personnel shoot back when they have to, they take big risks, and their service is perfectly honorable. But their role is not combat oriented, and it's wrongheaded to conflate the two
That is my point. I don't consider cyber warriors "support personnel" in an information war, I consider them to be the main unit. In these new kinds of war which don't involve conventional weapons it's pointless to think of the hacker as the support personnel. In a conventional war where you are dealing with conventional weaponry, the hackers would be the ones to disrupt enemy communication. In an unconventional war the hackers may be the main units leading the revolution, civil war, etc. They also will be
Cyberwarrior? (Score:2)
That is a good question. Nobody actually defines what a cyber warrior is. I assume it's any hacker or former hacker who helps the feds.
The government needs to decide what a cyber warrior is and what their mission is. That being said anyone who risks their life and who fights in war is either a soldier or a warrior. Hackers get killed, hackers risk their lives, so they are warriors as much as anybody else, but they are information warriors.
Not Soviet or Russian... (Score:2)
In Dictatorship of North Korea : You Hack Government!
And in other news... (Score:1)
If NK wants to be a real threat... (Score:2)
Re: (Score:2)
Since When? (Score:1)
*cough CHINA cough*
For We Have no WalMart (Score:2)
north korea (Score:1)
Re: (Score:2)
Republican fearmongering says we need to invade North Korea.
Don't be silly. North Korea *actually* has nukes. The US has no problem invading people *suspected* of having nukes, but hell if they'll set foot in any place that actually has them. They had plenty of legitimate opportunities to invade North Korea and just shrugged it off. 1) North Korea routinely threatens the South AND the US. 2) They aren't bullshitting - they've actually sunk SK military ships, bombed islands, kidnapped people from the south, counterfeit US currency, etc, etc 3) They openly test ab
Re: (Score:3)
N. Korea has no oil (*), nor is it in any shipping lanes. It's safe.
Libya: oil exporter
Iraq: oil exporter
Afghanistan: Trans-Afghanistan Pipeline (proposed Natural Gas route)
(*) Well maybe a little -- an estimated 12 million barrels: http://www1.korea-np.co.jp/pk/072nd_issue/98120202.htm [korea-np.co.jp]
For context, the US burns 19.15m barrels per day, so N. Korea's potential reserves amount to about a 15 hour supply for the US. In other words, N. Korea has no oil.
Re: (Score:2)
We don't know that. We should send some prospectors in there just to be sure. Maybe we will find some gold? I think the US Treasury is going to need some soon...
Re: (Score:3)
Totally false. Japan spends almost as much on their military as the United Kingdom. They just don't call it one.
http://data.worldbank.org/indicator/MS.MIL.XPND.GD.ZS?cid=GPD_42 [worldbank.org]
J
Re: (Score:2)
Since when has fear mongering been solely a Republican vice? Remember Senator Clinton got right in line behind Bush to start the Iraq fiasco ( http://www.youtube.com/watch?v=HtK9AzcU42g [youtube.com] ), and Obama has gotten us into a third war.
The only hope we have is that China will stop lending us money to blow up shit, but neither Democrats nor Republicans have demonstrated any motivation to decelerate our entry into any war possible.